If the problem is an expired device certificate then this was a very quick turnaround.
All shipped chromecast receiver devices have the device cert private key safely locked behind a TPM. Sending new certificates across the network without carefully planning things gives us a chance to intercept them & use them in our own receiver software which could e.g. download streams from Netflix/ Disney etc.
Paragraphs 3 & 4 describe the (free) Leaked Credentials Detection service they're leveraging for this research.
Could this be a bug caused by the fact that I have two screens (Moto Razr+)?
Doubt it. This happens a lot for me too on a boring single-screen S23.
I assumed it was crappy devs not testing on FF anymore & have lived with it (since it's a pain to debug css/js problems on mobile).
Next time I see it happening I'll reproduce on desktop FF with responsive emulation & report the bug.
(Tweaked) Verdana FTW.
I liked proportional fonts for reading code - several of my favorite programming books used proportional fonts for code examples - so when Verdana was released in 1996 I switched to using it in my IDEs. I've had 27 years of pleasantly ergonomic coding - it has a high x-height, different 0/O, I/l/1, and impeccable hinting and kerning. ❤️❤️❤️
So uncomfortably true!
I recall spending a (large) number of weeks struggling through Elementary Stochastic Calculus, which had an incredibly misleading sticker on the cover proclaiming:-
"This book is suitable for the reader without a deep mathematical background."
The first report I looked at was Entrust refusing to revoke certs because their clients' manual processes would make applying reissued certificates inconvenient.
Quite fun reading, surprisingly - a mid thread revelation that they'd pulled the exact same shit 4 years ago, an attempt by Entrust to kill the issue because unattributed legal advice said they'd misreported the error. And then, just when their chutzpah seemed to be wearing everyone down, a good 'fuck you' from Apple forced them to revoke the certs after all.
I'm not surprised Google had enough & yanked their license to print money.
This. Exactly the same response where I worked.
I'm not sure how much money they'll actually get from this.
The (50,000 employee) company I worked for had very slow IT processes at the time, but when the licensing changed they treated it like a critical security vulnerability because of the amount of money involved: they very quickly migrated their software packages to include non-Oracle OpenJDK builds & rolled out an update to uninstall Oracle java from all PCs. And all server owners were given a deadline to migrate or start paying recovery costs.
I imagined it'd be smaller organisations which would've sat on this issue.
Linux font rendering is generally very good now, so I think they've gotten past that. Apart from a System76 desktop, which was terrible, I haven't hated the rendering for many years. It's just that Microsoft's font rendering (maximizing clarity at the expense of destroying the font metrics) is exactly what I want to look at all day if I'm staring at code. When I look at screenshots of vscode on Linux and Mac the code looks beautiful, because the font renderer hasn't beaten the characters with a big stick to make them fit the pixel grid, but when I switch back to windows after using Linux/Mac then it feels like someone fixed the focus and de-blurred everything.
And now that I can have as many Linux installs as I like running concurrently via WSL2, I get to use Linux all day without losing the stuff I like about Windows.
I don't play games, but I do plenty of dev work including a lot in Visual Studio & SSMS. I always have a few Linux boxes running & try every few months to live on Linux rather than Windows.
Visual Studio can be swapped out for Rider. Rider is quite different feeling than VS, but I guess a lot of devs use another Jetbrains IDE of some kind, in which case it's a fairly easy switch.
SQL Server runs happily on Linux. But SSMS is harder for me to do without. I have Aqua Data Studio & Jetbrains DataGrip, but they don't feel as seamless as SSMS.
In the end though, it's hard to beat Windows + WSL2 now that Windows VSCode & Jetbrains IDEs seamlessly connect to Linux projects. And if you enable nested virtualization and MAC address spoofing then Hyper-V can run anything WSL can't.
Usually I end up moving back to Windows because of font rendering. I far prefer Windows cleartype font rendering on 2160p desktop screens. One day Linux fractional scaling will be perfected or 200+dpi desktop screens will become affordable. Then I might stay on Linux.
Yeah, reading the followup to that post, I think they just created a new intermediate with the same key as the old one & pushed this to chromecasts. I didn't know this was a thing you could do. Learn something new every day 😁.
I've seen enterprise network equipment with this same issue, but the manufacturer instead forced owners to manually renew device certificates. Their device authentication is now broken because the certificate private keys were poorly protected in transit.
I'm wondering now why they didn't just use this key rewrap trick